Security Week 34: VoLTE Transcript
An interesting study was presented at the 29th USENIX Security Conference on decrypting mobile calls in the event that a communication protocol is used VoLTE… This relatively recent technology involves the transmission of voice in the form of a data stream in LTE networks. Researchers from Germany and the UAE have discovered a vulnerability in the software for base stations, which allows decrypting data in a very non-trivial way.
The ReVoLTE attack became possible due to an error in the implementation of the voice conversation encryption protocol. If a subscriber makes or receives two calls in a row, a common stream cipher key is used for them. This feature was found in an earlier study, but the new work suggests a practical attack. It looks like this: the attacker intercepts the encrypted data stream, then makes a second call to the victim’s phone – this allows determining the encryption key. Using the received data, the attacker decrypts the contents of the first call.